+1 on not being ethical, Unless there was a specific policy under acceptable use, or issue specific policy about monitoring of communications accordingly.
There is a bigger issue at hand though, Electronic Communications and Privacy Act of 1986, (ECPA) Title II of the ECPA, the Stored Communications Act <http://en.wikipedia.org/wiki/Stored_Communications_Act> (SCA) protects communication held in electronic storage, most notably messages stored on computers. Its protections are weaker than those of Title I, however, and do not impose heightened standards for warrants. Title III prohibits the use of pen register and/or trap and trace devices to record dialing, routing, addressing, and signalling information used in the process of transmitting wire or electronic communications without a search warrant. Now when you look at what they did, because tapping into the web-cam without a policy stating they could monitor communications and you could validly argue that they possibly broke TITLE III of the ECPA by tapping/tracking the communications on the web-cams accordingly, which is a wire/wireless communication medium. This has been also taken up in privacy debates. Z Edward Ziots MCSE,MCSA,MCP+I,CCA,Security+ Network+ Network Engineer Lifespan Organization 401-639-3505 [email protected] From: David Lum [mailto:[email protected]] Sent: Friday, March 05, 2010 9:34 AM To: NT System Admin Issues Subject: RE: Friday OT - Web cam case To validate Jonathan's point about it not being ethical: "The school district says they have stopped the practice. Even so, now that it has become public knowledge that the Lower Merion School District has allegedly indulged in webcam spying, students have been taping over webcams and microphones". http://law.rightpundits.com/?p=1275 And: "School officials in Pennsylvania who admit remotely activating student webcams to locate missing laptops could have used far less intrusive methods such as GPS tracking devices" http://www.stamfordadvocate.com/default/article/Experts-School-can-track -laptops-less-intrusively-375201.php Dave From: Jonathan Link [mailto:[email protected]] Sent: Friday, March 05, 2010 5:45 AM To: NT System Admin Issues Subject: Re: Friday OT - Web cam case Because they're stupid? Honestly, what do you expect from an organization who was caught doing something that all the principles (as in main actors/decision makers, not school administrators) knew that what they were doing wasn't quite kosher. The organization is now in CYA mode. That the people involved didn't have enough personal foresight to see this coming doesn't make me cry for anyone one involved. You may have even less sympathy, when you do a bit of reading, that the tech involved (not the coordinator, to my knowledge) has bragged about his ability to spy in blogs and forums. Or hat the system was designed to report back to a central server if it detected that it was stolen, and that check to determine stolen status was when it wasn't on the school's network. Or that they used it to enforce expected behaviors for students beyond the bounds of the campus where students might have a reasonable expectation of privacy. Or that when students repeatedly reported the problem with their webcam coming on, and they were always told it was a glitch (lied to). Had I been in the tech's or the coordinator's places, I'd have made darn sure I had something in writing, in triplicate that told me that I was to do such and such because my superiors told me to do so. Even then, I'd be making an exit strategy. To answer your question less sarcastically. Because they (IT guys) have access to the power and information, but don't have the responsibility that their superiors do. Under those conditions it's quite simple to shift blame and for a superior to say, well, I didn't know, he told me it was OK, and he's the expert I trust. It's a BS answer, because it isn't a technical problem, shouldn't have taken the IT guy's advice beyond I can do X. The superiro should've then gone to his next expert (a lawyer) and said I can do X, is it legal for me to do X? But with the technological savvy of most users, I can see how shifting blame to the IT guys is possible; They used the internet and webcams to spy on us, so it must be the IT guy's idea/fault. Before it's all said and done, I'm sure everyone is going to get a piece of humble pie. My hope is that the administrators involved get their fair share (which is slightly more than what the IT guys should get, but not by much). -Jonathan On Fri, Mar 5, 2010 at 8:15 AM, Dennis Melahn <[email protected]> wrote: Imagine that! The IT guys get shafted in this deal?! Why is it the IT guys always have to take the heat? http://www.philly.com/philly/news/homepage/20100305_Two_tech_workers_sid elined_in_Web-cam_case.html Dennis ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
